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Amendmen ts to the C\^ im<^ 

1. (currently amended) A system for authenticating an encryption key of a 
use r at a remote compter remotely netwnrV^rl a server 
comprising: a decrypt engine in the remnte ^^^p,^^. using a password 
provided by the user to decrypt in the n.mr.t. .^rr.^..^ ^„ encrypted data file 
provided by the user intense as to form . H^^.^^ data filP ^nH 
the decrypted data file to form at least part of t he encryption key of the user, 
without tr^n-smitting to the server eith^ fU. n a.ss^vnrH fV,. ^crvptPrf H.to ml 
or the de crvptjftd Hatf^ , 

2. (previously amended) The system of claim 1, wherein the encrypted data 
file is stored ori an RF smart card. 



3. (previously amended) The system of claim 1 , wherein the encrypted data 
file includes encrypted biometric data identifying the user. 

4. (cancelled). 

5. (cancelled) 

6. (cancelled) 

7. (currently amended) A method for providing an authenticated encryption 
I key of a user at a remote romnut^r remoti^Tv T,^t^».i;ed to a f^r^.. 

comprising the steps of; 

providing an encrypted data fil e to the remotft romp itt^^; 
providing a passwor d to the remote comp uter; and 

decrypting the encrypted data fil e in the mm ote romp.^-^t. using the 
password sq as to generate an authenticated encryption key of the use r without 
transmitting to the server either the p ass word or. th^ ^t^crvp t^ H^t^ fii^ 

8. . (previously amended) The method of claim 7, wherein the encrypted data 
file is stored on an RF smart card. 
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9. (previously amended) The method of claim 7, wherein th encrypted data 
file includes encrypted biometric data identifying the user. 

10. (original) The method of claim 9, wherein the biometric data includes a 
di^tized fingerprint of the user, 

1 1. (previously amended) The method of claim 7, further including the steps 
of: 

generating biometric data of the user by scannii^ a biometric feature of 
the user; and 

probabilisticaUy comparing the generated biometric data of the user to 
data derived from the encrypted data file to authenticate the encryption key of 
the user. 

12. (original) The method of claim 11, wherein the scanned biometric feature 
of the user is a fingerprint. 

13. (currently amended) A computer-accessible medixmi comprising program 
instructions for providing at a remote computer remotely networked to a server 
cpmputer a n authenticated encryption key of a user, comprising the steps of: 

using a password provided by the user to decrypt in the reinote comp iii-ftr 
an encrypted data file provided by the user so as to form a decrvoted date fils 
and so as to use the decrypt ed data file to form at least p art nW^ an 
authenticated encryption key of the use r without transmitting to the server 
either the password, the encry pted data file or the decryp ted data filp. 

14. (Previously added) The system of claim 1. wherein the encrypted data file 
includes encrypted biometric data, derived fi^m a digitized fingerprint of the 
user, identifying the user. 
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15. (Previously added) The system of claim 1, further comprising a biometric 
reader for generating a first biometric data of the user, wherein the first 
biometric data of the user is compared with a second biometric data of the user 
stored in the encrypted data file. 

16. ((Previously added) The system of claim 1, further comprising a 
fingerprint scanner for generating a first digitized fingerprint of the user, 
wherein the first digitized fingerprint of the user is compared with a second 
digitized fii^erprint of the user stored in the encrypted data file. 

17. (Currently amended) A system for authenticating an encryption key of a 
user, comprising: 

an input device at a remote computer remotely networked to a server 
computer f or receiving a password provided by the use r at the remote computer 
remotely networked to a server computer ; 

memory in the remote computer f or storit^ an encrypted data file 
including an encryption key of the user; and 

a decrypt engine in the remote computer for using the password to 
decrypt the encrypted data file and thorobv gcncratin g so as to form a decrypted 
data file and so as to use the decrypted data file to generate in the remote 
computer an authenticated encryption key of the use r, without transmitting to 
the server either the password, the encrypted data file or the decrypted data 
file . 

18. (Previously added) The system of claim 17, wherein the encrypted data 
file is stored on an RF smart card. 

19. (Previously added) The system of claim 17, wherein the encrypted data 
file includes encrypted biometric data identifying the user. 
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20. (Previously added) The system of claim 17, wherein the encrypted data 
file includes encrypted biometric data, derived from a digitized fingerprint of 
i the user, identifying the user. 

i 

I 

■ ) 

j 21. (Previously added) Hie system of claim 17, further comprising a 

i biometric reader for generating a first biometric data of the user, wherein the 

■ j . 

first biometric data of the user is compared with a second biometric data of the 
user stored in the encrypted data file. 

i . 

i 22. {Previously added) The system of claim 17, further comprising a 

fingerprint scanner for generating a first d^tized fingerprint of the user, 
wherein the first digitized fingerprint of the user is compared with a second 
digitized fingerprint of the user stored in the encrypted data file, 

23. (Previously added) The system of claim 17, further comprising a server 
configured to receive data encrypted using the authenticated encryption key. 

i 

24. (Currently amended) A system for authenticating an enciyption key of a 
! j use r at a remote computer remotely networked to a server computer . 

comprising: 

I an input device at the remote computer for receiving a password provided 

by the user, 

I an RF smart card for storing an encrypted data file, the encrypted data 

file including an encryption key of the user; 
j a decrypt engine in the remote computer f or using the password to 

' decrypt the encrypted data file so as to form a decrypted data file and so as to 

use the decrypted data file to generate in _the remote computer a nd th e reby 
; gen e rat e an authenticated encryption key of the use r without transmitting to 

I the server either the password, the encrypted data file, or the decrypted data 

! file: and 

I memory in the remote computer f or storing the decrypt engine. 

i 

i 

'i 
i! 

;| 5 ' , 
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25. (Previousty added) The system of claim 24, wherein the encrypted data 
file includes encrypted biometric data identifying the user. 

26. (Previously added) The system of claim 24, wherein the encrypted data 
file includes encrypted biometric data, derived from a digitized fingerprint of 
the user, identifyir^ the user. 

27. (Currently amended) A system for authenticating an encryption key of a 
user at a remote computer remotely networked to a sftrver comp utt*^, 
comprising: 

an input device at the remote computi-.r fnr receiving a password provided 
by the user; 

an RF smart card for storing an encrypted data fUe, the encrypted HatA 
ffle including an encryption key of the user and er-lirst biometric data of the 
user; 

a biometric reader for generating a-second biometric data of the user; 

and 

a decrypt engine in the remote computer fnr using the password to 
decrypt the encrypted data ffle. so as to for m a decryp te d data file and so as to 
3as e the decrypted data file tn ^ ^nerate in the remote computer 4 **,,^^ 
generating an authenticated encryption key of the user, if there is a 
probabiUstic match between the first biometric data and the second biometric 
data^wjthout tran smitting to the server either the password, the enr.rvpted Hat« 
file or the decrypted data file . 

28. (Cxurently amended) A system for authenticating an encryption key of a 
user, at a remote comput.er remotely ne tworked to a server computer ^ 
comprising: 

memory in the remote computer for storing an encrypted encryption key; 
an input device at the remotft r omputier f or receiving a password; 
a decrypt engine in the remote computer for using the password to 
decrypt the encrypted encryption key so as to isrsLan authenticated decrypted 
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encryption ke y without transmitting to the server either the password, the 
encrypted data file or the decrypted data file : and 

memory in the remote computer f or storii^ the decrypt engin e without 
transmitting to the server either the password^ the encrypted data file or the 
decrypted data file . 

29. (Previously added) The system of claim 28» wherein the encrypted data 
file includes encrypted biometric data identifying the user. 

30. (Previously added) Hie system of claim 28, wherein the encrypted 
encryption key in is stored on an RF smart card. 

31. (Currently amended) A system for authenticating an enciyption key of a 
use r at a remote computer remotely networked to a server computer , 
comprising: 

memory in the remote computer f or storing an encrypted encryption key 
and a first biometric data of the user; 

an input device at the remote computer f or receiving a password; 

a biometric reader at the remote computer for generating a second 
biometric data of the user; 

a decrypt engin e in the remote computer for comparing the first 
biometric data of the user with a second biometric data of the user and, if there 
is a probabilistic match, then using the password to decrypt the encrypted 
encryption key so as t o_form an authenticated decrypted enciyption key 
without transmitting to the server either the password, or the encrypted 
encryption kev ; and 

memory in the remote computer f or storing the decrypt engin e without 
transmitting to the server either the password, or the encrypted encryption 
kev . 
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32. (Previously added) The system of claim 31, wherein the password is used 
to decrypt the first biometric data before comparison with the second biometric 
data. 

33. (Previously added) The system of claim 31, wherein the biometric reader 
is a fingerprint scanner for generating a first digitized fingerprint of the user, 
and the first biometric data is a digitized fingerprint of the user, 

34. (Ciorrently amended) A method for authenticating an encryption key of a 
use r at a remote computer yemotelv networked to a server computer , 
comprising the steps of: 

storing an encrypted encryption key in memor y in a remote computer ; 
receiving a password provided by a user; and 

requiring use of the password in the remote computer t o deaypt the 
encrypted enciyption key so as t o form a deciypted encrypting ke y without 
transmitting to the server either the password, or the encrypted encryption 
key . 

35. (Currently amended) The method of claim 34, wherein the encrypted 
encryption key is stored on an-a RF smart card. 

36. (Previously added) The method of claim 34, wherein the encrypted 
enciyption key is stored with encrypted biometric data identifying the user, 

37. (Previously added) Tlie method of claim 36, wherein the encrypted 
biometric data includes a digitized fingerprint of the user. 

38. (Previously added) The S3rstem of claim 36, wherein the password is used 
to decrypt the first biometric data before comparison with the second biometric 
data. 
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i 
I 

39. (CTJirently amended) The method of claim 34, further comprising the 
steps of: 

scanning a biometric feature of the user to generate first biometric data 
of the user; 

decrypting second biometric data stored along with the encrypted 
j encryption key ;t 

probabilistically comparing the generated first biometric data to the 
decrypted second biometric data; and 

requiring the comparison to produce a probabilistic match before 
decrypting the encrypted encryption key to the decrypted encryption key. 

I 

■I ■ 

i i 40. {Previously added) The method of claim 32, further comprising the step of 

I reading the encrypted encryption k^ from an RF smart card. 

; i 

i ' 
I 

i 41. (Previously added) The method of claim 32, further comprising the step of 

j using the decrypted encryption key to encrypt data. 

i 

j 
j 

i 42. (New) A system for authenticating an encryption key of a user at a remote 

computer remotely networked to a server computer and transmitting secxire 
I data to the server computer, the system comprising: 

: a remote password receiving and processing me ans for receiving a 

password from a user and authenticating the password to provide an 
authenticated password at the remote c omputer 

means at the remote computer and isolated fi-om the server computer for 
receiving the authenticated password, for receiving an encrypted first data_fil-e 
from the user^and for generating a decryption key at the remote computer for 
decrypting the encrypted first data file at the remote computer^ and means for 
decrypting the encrypted first data file to form a decrypted first data file at the 
remote computer. 

means for generating an encryption key at the remote computer using 

i the decrypted first data file, for encrypting a second date file at the remote 

computer to form an encrypted second data file for transmiss ion to the server 
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usin^ the eticrvption kev. and for tr atismitting the encrypted second data file to 
the server without transmitting to the server either the password, the 
authenticated password, the encrypted fir st, data file, the decrypted first data 
file, or the encrvption key. 
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